Secret CISO 4/17: Healthcare Cyberattacks Surge, UnitedHealth Loses $872M, DOJ Enhances Data Security, Microsoft Azure Breach, Research on Data Breach Impact and Quantum Security
Welcome to today's edition of the Secret CISO newsletter, where we delve into the latest happenings in the world of cybersecurity.
In today's headlines, we see a new phase of the Change Healthcare attack as hackers begin to leak data. The hacking group, RansomHub, is sharing pieces of data stolen in the cyberattack as it seeks ransom payments. This comes as UnitedHealth faces a potential $1.6 billion hit this year due to the data breach. In response to the growing threat to data security, the Department of Justice is building a Data Security Protection and Enforcement Program. This comes as AT&T offers security measures to customers following a massive data leak in March.
In other news, Sentra is expanding its advisory board with the appointment of cybersecurity veteran Robert Bigman. This follows a report suggesting that 93% of breaches lead to downtime and data loss. In the healthcare sector, 96% of hospitals still use website tracking technologies that share data with third parties, leading to potential data breaches and HIPAA violations. On the tech front, Microsoft's unsecured Azure Cloud Server exposed internal employee credentials for a month, highlighting the need for robust data security measures.
Stay tuned for more updates and remember, knowledge is the first line of defense in cybersecurity.
Data Breaches
- New Phase Of Change Healthcare Attack Begins As Hackers Leak Data: RansomHub, a hacking group, has started leaking data stolen in the Change Healthcare cyberattack, escalating their ransom demands. Source: KFF Health News
- UnitedHealth to take up to $1.6 billion hit this year from Change hack: UnitedHealth has already booked $872 million in costs related to the data breach in the quarter, with more expected to come. Source: Reuters
- AT&T offers security measures to customers following massive data leak: AT&T is offering identity theft monitoring and a $1 million insurance policy to customers following a massive data leak in March. Source: USA Today
- Microsoft's Unsecured Azure Cloud Server Exposed Internal Employee Credentials for a Month: Microsoft's Azure Cloud server was left unsecured, exposing internal employee credentials for a month. The data breach was likely related to Microsoft's credential dump on GitHub. Source: CPO Magazine
- Data Breach At Health Insurance Giant Costs Company More Than $800 Million: UnitedHealth Group lost $872 million due to a data breach by a group of hackers. Source: Daily Caller
Security Research
- Utah Researchers Map Spread of Respiratory Illness Through Dirt, Dust: Researchers in Utah are collecting samples to map the spread of respiratory illness through dirt and dust. This innovative approach could provide new insights into the transmission of diseases. Source: unmc.edu
- Steganography Campaign Targets Global Enterprises: A new steganography campaign is targeting global enterprises, according to security researchers. The campaign uses hidden data within digital files to infiltrate systems. Source: bankinfosecurity.com
- Babylon: Bitcoin Shared Security and Staking: Researcher Nikhil is focusing on Web3 Infrastructure and Decentralized AI, with a particular emphasis on Bitcoin's shared security and staking. This research could have significant implications for the future of cryptocurrency. Source: messari.io
- New Conversation on Private Maritime Security: A new conversation on private maritime security is emerging, led by security researcher and consultant Stephanie Oserwa Schandorf. This discussion is particularly relevant given the increase in piracy incidents in the Gulf of Guinea between 2021 and 2022. Source: ghanaweb.com
- Researchers Create 'Quantum Drums' to Store Qubits: Researchers have created 'quantum drums' to store qubits, bringing us one step closer to groundbreaking internet speed and security. This research could revolutionize the way we store and transmit data. Source: tomshardware.com
Top CVEs
- CVE-2023-40000 - LiteSpeed Technologies LiteSpeed Cache Vulnerability: A Cross-site Scripting vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS. The issue affects LiteSpeed Cache versions from n/a through. Source: CVE-2023-40000
- CVE-2022-24806 - net-snmp Vulnerability: net-snmp, a toolset for the Simple Network Management Protocol, has an Improper Input Validation vulnerability in versions prior to 5.9.2. A user with read-write credentials can exploit this vulnerability by SETing malformed OIDs in the master agent and subagent simultaneously. Source: CVE-2022-24806
- CVE-2022-24805 - net-snmp Buffer Overflow: net-snmp, prior to version 5.9.2, has a buffer overflow vulnerability in the handling of the INDEX of NET-SNMP-VACM-MIB, which can cause an out-of-bounds memory access. A user with read-only credentials can exploit this issue. Source: CVE-2022-24805
- CVE-2022-24809 - net-snmp NULL Pointer Dereference: In net-snmp, prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Source: CVE-2022-24809
- CVE-2022-24807 - net-snmp Out-of-Bounds Memory Access: In net-snmp, prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. A user with read-write credentials can exploit this issue. Source: CVE-2022-24807
Final Words
As we wrap up today's edition of Secret CISO, we can't help but reflect on the ever-evolving landscape of cybersecurity. From the new phase of the Change Healthcare attack to the Department of Justice building a Data Security Protection and Enforcement Program, it's clear that the need for robust security measures is more critical than ever. We've also seen how companies like Sentra are strengthening their advisory boards with cybersecurity veterans, and how even giants like AT&T and Microsoft are not immune to data leaks and breaches. The importance of data security in the healthcare sector has been highlighted yet again, with UnitedHealth taking a significant financial hit due to a data breach. The hospitality sector is also under attack, as seen with the data compromise at Omni Hotels. On the research front, we've seen how researchers are making strides in areas like quantum drums for data storage and AI-driven approaches to cybersecurity analysis.
In the face of these challenges and advancements, we hope that Secret CISO continues to be a valuable resource for you. Please share this newsletter with your friends and colleagues so they too can stay informed about the latest in cybersecurity. Remember, in the world of cybersecurity, knowledge is not just power, it's protection. Stay safe and see you in the next edition of Secret CISO!